[youtube=https://www.youtube.com/watch?v=M7nqP8AvXUg]

The ultra-simple setup offered by Chromecast leaves them vulnerable to being hijacked, with an attacker able to direct any content they want to your TV, says a security analyst – who proved the point by building a box to Rickroll any Chromecasts within wifi range … 

The key to Chromecast’s painless configuration is that it goes into setup mode as soon as it finds itself without a wifi connection. It’s this feature which the attack exploits. TechCrunch summarized the 20-minute video in which Dan Petro explains how the hack works.

  • The WiFi standard has something called a “deauth” command built-in, which tells a device that it needs to leave the network and try to reconnect
  • For one reason or another, this command is sent to a device without encryption… which means it can also be sent from devices that aren’t actually allowed on the network. That’s not a Chromecast bug; it’s a fairly universal quirk of WiFi devices. Most devices just go “Okay, whatever” and instantly reconnect.
  • The Chromecast, however, responds to the deauth command by going back into configuration mode. It starts broadcasting its own WiFi, which you — or a prankster — can connect to to configure the device.
  • The Rickmote, built on top of a Raspberry Pi, finds a Chromecast, floods it with deauth commands, then tells it to connect to its WiFi network, instead. Tada! Chromecast hijacked

Wifi networks are pretty short-range, so an attacker would have to be pretty close to your home to pull this off, and could only hijack a handful of Chromecast sticks at any one time. For that reason, it’s unlikely to be a massive concern, but the potential for targeted malicious attacks is there – especially as the source code is on GitHub. (Which has an amusing Rickroll of its own in the More information section.)

FTC: We use income earning auto affiliate links. More.


Check out 9to5Google on YouTube for more news:

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author

Ben Lovejoy's favorite gear